Benjamin Admin
9bc816e55c
Build + Deploy / build-admin-compliance (push) Successful in 2m13s
Build + Deploy / build-backend-compliance (push) Successful in 3m19s
Build + Deploy / build-ai-sdk (push) Successful in 54s
Build + Deploy / build-developer-portal (push) Successful in 1m17s
Build + Deploy / build-tts (push) Successful in 1m46s
Build + Deploy / build-document-crawler (push) Successful in 41s
Build + Deploy / build-dsms-gateway (push) Successful in 23s
Build + Deploy / build-dsms-node (push) Successful in 12s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / loc-budget (push) Failing after 19s
CI / secret-scan (push) Has been skipped
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m59s
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-go (push) Successful in 43s
CI / test-python-backend (push) Successful in 1m4s
CI / test-python-document-crawler (push) Successful in 34s
CI / test-python-dsms-gateway (push) Successful in 26s
CI / validate-canonical-controls (push) Successful in 16s
Build + Deploy / trigger-orca (push) Successful in 3m18s
Game-changing CMP feature: Users accept a category (e.g. Marketing) but can restrict data processing to EU/EWR-only vendors. Non-EWR vendors are blocked even when the category is accepted. - Toggle "Nur EU/EWR-Anbieter" with globe icon in blue gradient bar - Blocked vendors shown as red pills with strikethrough icon - Per-vendor status icons: green checkmark (active), red slash (blocked), gray dash (category disabled) - Country column: green circle+check for EWR, amber warning for non-EWR - EWR = EU27 + IS/LI/NO + CH (Angemessenheitsbeschluss) - Vendor data extracted to cookie-banner-vendors.ts (under 500 LOC) - Consent state includes ewrOnly flag + blockedVendors list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
86 lines
3.6 KiB
TypeScript
86 lines
3.6 KiB
TypeScript
/**
|
|
* Cookie Banner — Vendor data and EWR classification.
|
|
*
|
|
* Demo vendors per category, mirroring the service registry + cookie_table_generator.py.
|
|
* Used by CookieBannerOverlay for vendor display and EWR filtering.
|
|
*/
|
|
|
|
export interface VendorInfo {
|
|
name: string
|
|
cookies: string
|
|
provider: string
|
|
retention: string
|
|
country: string
|
|
}
|
|
|
|
export interface CategoryVendorData {
|
|
label: string
|
|
description: string
|
|
vendors: VendorInfo[]
|
|
}
|
|
|
|
// EWR = EU + Island, Liechtenstein, Norwegen. CH has adequacy decision.
|
|
const EWR_SAFE = ['de', 'at', 'fr', 'nl', 'ie', 'se', 'dk', 'fi', 'be', 'it', 'es',
|
|
'pt', 'pl', 'cz', 'hu', 'ro', 'bg', 'hr', 'sk', 'si', 'lt', 'lv', 'ee', 'cy',
|
|
'mt', 'lu', 'gr', 'is', 'li', 'no', 'ch', // CH: Angemessenheitsbeschluss
|
|
'eu', 'ewr', 'eigener server']
|
|
|
|
export function isEWR(country: string): boolean {
|
|
if (!country) return true // No country info = assume first party
|
|
const lower = country.toLowerCase()
|
|
return EWR_SAFE.some(safe => lower.includes(safe))
|
|
}
|
|
|
|
export function isOutsideEWR(country: string): boolean {
|
|
return !isEWR(country)
|
|
}
|
|
|
|
export function countNonEWRVendors(): number {
|
|
let count = 0
|
|
for (const cat of Object.values(CATEGORY_VENDORS)) {
|
|
count += cat.vendors.filter(v => isOutsideEWR(v.country)).length
|
|
}
|
|
return count
|
|
}
|
|
|
|
// Demo vendors per category — mirrors service registry + cookie_table_generator.py
|
|
export const CATEGORY_VENDORS: Record<string, CategoryVendorData> = {
|
|
necessary: {
|
|
label: 'Notwendig',
|
|
description: 'Fuer die Grundfunktionen der Website erforderlich.',
|
|
vendors: [
|
|
{ name: 'Session', cookies: 'session_id', provider: 'Eigener Server', retention: 'Session', country: 'DE' },
|
|
{ name: 'Consent-Cookie', cookies: 'bp_consent', provider: 'Eigener Server', retention: '12 Monate', country: 'DE' },
|
|
{ name: 'Cloudflare', cookies: '__cf_bm', provider: 'Cloudflare Inc.', retention: '30 Min.', country: 'USA (DPF)' },
|
|
{ name: 'Stripe', cookies: '__stripe_mid', provider: 'Stripe Inc.', retention: 'Session', country: 'USA (DPF)' },
|
|
],
|
|
},
|
|
statistics: {
|
|
label: 'Statistik',
|
|
description: 'Helfen uns zu verstehen, wie Besucher mit der Website interagieren.',
|
|
vendors: [
|
|
{ name: 'Google Analytics', cookies: '_ga, _gid', provider: 'Google LLC', retention: '2 Jahre', country: 'USA (DPF)' },
|
|
{ name: 'Hotjar', cookies: '_hj*', provider: 'Hotjar Ltd.', retention: '1 Jahr', country: 'EU (Malta)' },
|
|
{ name: 'Google Tag Manager', cookies: '_gcl_au', provider: 'Google LLC', retention: '90 Tage', country: 'USA (DPF)' },
|
|
],
|
|
},
|
|
marketing: {
|
|
label: 'Marketing',
|
|
description: 'Werden verwendet, um Besuchern relevante Werbung zu zeigen.',
|
|
vendors: [
|
|
{ name: 'Facebook Pixel', cookies: '_fbp, _fbc', provider: 'Meta Platforms', retention: '90 Tage', country: 'USA (DPF)' },
|
|
{ name: 'Google Ads', cookies: '_gcl_aw, IDE', provider: 'Google LLC', retention: '90 Tage', country: 'USA (DPF)' },
|
|
{ name: 'LinkedIn Insight', cookies: 'bcookie, li_sugr', provider: 'LinkedIn Ireland', retention: '6 Monate', country: 'EU (Irland)' },
|
|
],
|
|
},
|
|
functional: {
|
|
label: 'Funktional',
|
|
description: 'Ermoeglichen erweiterte Funktionen und Personalisierung.',
|
|
vendors: [
|
|
{ name: 'Spracheinstellung', cookies: 'bp_lang', provider: 'Eigener Server', retention: '12 Monate', country: 'DE' },
|
|
{ name: 'YouTube', cookies: 'YSC, VISITOR_INFO1_LIVE', provider: 'Google LLC', retention: '6 Monate', country: 'USA (DPF)' },
|
|
{ name: 'HubSpot Chat', cookies: '__hstc, hubspotutk', provider: 'HubSpot Inc.', retention: '13 Monate', country: 'USA (DPF)' },
|
|
],
|
|
},
|
|
}
|